From 135c6462b0cda73eaf4d27efbf6b1ecfac0b3b34 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Sun, 24 Feb 2019 22:04:15 +0000
Subject: Harden img2txt.profile (#2464)

---
 etc/img2txt.profile | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'etc')

diff --git a/etc/img2txt.profile b/etc/img2txt.profile
index 2011759e3..24fd29fbe 100644
--- a/etc/img2txt.profile
+++ b/etc/img2txt.profile
@@ -15,7 +15,10 @@ include disable-passwdmgr.inc
 include disable-programs.inc
 include disable-xdg.inc
 
+apparmor
 caps.drop all
+ipc-namespace
+machine-id
 net none
 nodbus
 nodvd
@@ -36,3 +39,7 @@ private-cache
 private-dev
 # private-etc alternatives
 private-tmp
+
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-70-g09d2